Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2tFZS1wHVEVg1p2h80FxYv_kAZA.roa
File: 2tFZS1wHVEVg1p2h80FxYv_kAZA.roa (raw, json)
Hash identifier: 8Jx90au7bEa9H9EGXU4+QPkxclhb9HFHHc3Hv5n9Suc=
Subject key identifier: DA:D1:59:4B:5C:07:54:45:60:D6:9D:A1:F3:41:71:62:FF:E4:01:90
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018BF183638FBDD45F27A6C2331A929F42D6
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2tFZS1wHVEVg1p2h80FxYv_kAZA.roa
Signing time: Tue 21 Nov 2023 10:53:21 +0000
ROA not before: Tue 21 Nov 2023 10:53:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 185.222.29.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
193.58.146.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
185.194.177.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
194.5.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Dec 2023 11:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f1:83:63:8f:bd:d4:5f:27:a6:c2:33:1a:92:9f:42:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 21 10:53:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dad1594b5c07544560d69da1f3417162ffe40190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2e:53:13:7f:96:cc:b0:e9:82:b0:2c:34:85:
c4:d3:a1:13:66:0a:2a:3c:05:6d:fe:09:4e:5d:25:
90:2c:83:49:05:df:5c:78:76:c2:4e:15:38:12:e1:
ce:4a:2c:35:44:ad:1b:3e:6c:c4:7c:87:f2:19:08:
e8:82:ac:fe:09:e6:ee:db:39:d5:96:e3:e8:d3:3d:
40:e8:50:58:04:29:fa:57:ef:ab:15:86:53:72:69:
2e:c7:98:a7:21:bf:f2:22:2f:9f:7c:1a:c5:70:ae:
55:a0:04:b8:27:e4:c6:11:c7:98:bc:0e:6b:e4:03:
2c:be:4c:7a:53:fb:4c:84:d0:0e:79:90:cb:43:0b:
64:87:17:ae:84:53:a4:ab:3b:dd:49:e7:41:6d:45:
34:e8:1d:e3:ea:8f:fb:20:ef:0f:ee:70:20:1f:3b:
f1:cb:ad:47:3a:74:8f:03:ba:b3:ad:89:11:4b:73:
c8:92:ed:7c:62:58:3f:6c:b9:32:73:cb:66:65:5a:
9f:cc:70:88:4b:33:33:c7:75:68:3b:7c:75:fa:d9:
be:f8:26:01:f8:da:56:b1:df:92:36:c4:d3:53:ff:
bc:f4:d2:67:a9:e7:18:8c:18:ef:68:b1:9c:34:14:
29:e4:e5:44:61:6d:f6:0b:43:c9:55:66:23:05:bf:
e3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D1:59:4B:5C:07:54:45:60:D6:9D:A1:F3:41:71:62:FF:E4:01:90
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2tFZS1wHVEVg1p2h80FxYv_kAZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.177.0/24
185.209.73.0/24
185.218.101.0/24
185.222.29.0/24
185.223.82.0/24
185.246.112.0/24
193.58.146.0/24
194.5.64.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:29:0f:79:e6:bf:8f:53:26:46:c0:1d:0e:37:30:ba:59:01:
a9:e9:a9:9a:ed:0f:c8:1d:b6:63:c3:9a:53:bf:9d:ae:c5:b9:
21:d4:79:3c:11:18:fa:23:09:4b:8a:f5:31:8e:7a:de:cf:c2:
8d:38:38:11:e5:31:44:16:4a:ec:55:d8:0a:42:48:11:52:91:
c8:ed:6c:51:9e:f3:a0:51:97:50:35:14:7e:b1:86:11:5e:f6:
0b:53:a6:6d:66:e7:b9:2f:28:d4:98:ee:b8:bb:0a:28:18:b7:
37:50:ea:ab:14:6d:42:9a:d7:f6:02:06:72:7b:f6:2f:bc:87:
c8:32:22:f6:0c:00:bb:0f:30:34:7c:f3:68:a9:4f:fa:06:ee:
66:04:d6:74:8f:79:96:c2:b0:4d:06:7c:bb:9c:72:78:95:58:
3d:9e:a4:cf:5c:48:af:5a:0c:c0:39:20:f3:00:e8:d5:81:79:
89:34:da:fb:ec:41:20:a3:d5:ef:f4:48:36:a3:34:41:9a:d7:
a5:6a:a1:e4:0b:4f:70:d6:5e:c6:f7:fe:81:bd:62:02:61:12:
b4:63:68:47:75:b8:d8:08:45:05:70:a7:8e:ca:1d:d2:b8:9d:
b6:f8:c6:07:c7:90:17:ed:e9:3b:bf:93:67:fd:30:f7:79:ef:
c3:e3:2d:7e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYvxg2OPvdRfJ6bCMxqSn0LWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTIxMTA1MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWQxNTk0YjVjMDc1NDQ1NjBkNjlkYTFmMzQxNzE2MmZmZTQwMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvC5TE3+WzLDpgrAsNIXE06ETZgoq
PAVt/glOXSWQLINJBd9ceHbCThU4EuHOSiw1RK0bPmzEfIfyGQjogqz+Cebu2znV
luPo0z1A6FBYBCn6V++rFYZTcmkux5inIb/yIi+ffBrFcK5VoAS4J+TGEceYvA5r
5AMsvkx6U/tMhNAOeZDLQwtkhxeuhFOkqzvdSedBbUU06B3j6o/7IO8P7nAgHzvx
y61HOnSPA7qzrYkRS3PIku18Ylg/bLkyc8tmZVqfzHCISzMzx3VoO3x1+tm++CYB
+NpWsd+SNsTTU/+89NJnqecYjBjvaLGcNBQp5OVEYW32C0PJVWYjBb/jYwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNrRWUtcB1RFYNadofNBcWL/5AGQMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMnRGWlMxd0hWRVZnMXAyaDgwRnhZdl9rQVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAucKxAwQA
udFJAwQAudplAwQAud4dAwQAud9SAwQAufZwAwQAwTqSAwQAwgVAMA0GCSqGSIb3
DQEBCwUAA4IBAQCfKQ955r+PUyZGwB0ONzC6WQGp6ama7Q/IHbZjw5pTv52uxbkh
1Hk8ERj6IwlLivUxjnrez8KNODgR5TFEFkrsVdgKQkgRUpHI7WxRnvOgUZdQNRR+
sYYRXvYLU6ZtZue5LyjUmO64uwooGLc3UOqrFG1Cmtf2AgZye/YvvIfIMiL2DAC7
DzA0fPNoqU/6Bu5mBNZ0j3mWwrBNBny7nHJ4lVg9nqTPXEivWgzAOSDzAOjVgXmJ
NNr77EEgo9Xv9Eg2ozRBmtelaqHkC09w1l7G9/6BvWICYRK0Y2hHdbjYCEUFcKeO
yh3SuJ22+MYHx5AX7ek7v5Nn/TD3ee/D4y1+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org